Straszne mulenie komputera..

**Posty:** 720 · przez **Devilek** 02 Wrz 2010, 16:19

Ostatnimi czasy komputer zaczal mi strasznie mulic. Co najlepsze stalo sie to dosc nagle. Jednego dnia komp zostal wlaczony na noc.. Wieczorem wszystko smigalo a rano nie dalo sie juz zobaczyc zadnego filmiku na YT, ani nawet w pasjansa pograc bo wszystko zamulalo.

GMER

Kod: Zaznacz wszystko: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-09-02 15:52:04 Windows 5.1.2600 Dodatek Service Pack 3 Running: 107rzgih.exe; Driver: C:\DOCUME~1\Welcome\USTAWI~1\Temp\pxtdapow.sys ---- System - GMER 1.0.15 ---- SSDT 89548580 ZwAssignProcessToJobObject SSDT 89549100 ZwDebugActiveProcess SSDT 89548B30 ZwDuplicateObject SSDT 89547CC0 ZwOpenProcess SSDT 89547FC0 ZwOpenThread SSDT 895489C0 ZwProtectVirtualMemory SSDT 89548860 ZwSetContextThread SSDT 895486E0 ZwSetInformationThread SSDT 89545700 ZwSetSecurityObject SSDT 89548420 ZwSuspendProcess SSDT 895482C0 ZwSuspendThread SSDT 89547E50 ZwTerminateProcess SSDT 89548150 ZwTerminateThread SSDT 89548F50 ZwWriteVirtualMemory ---- Kernel code sections - GMER 1.0.15 ---- .text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB967E360, 0x34CDBF, 0xE8000020] ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[1936] kernel32.dll!SetUnhandledExceptionFilter 7C8449FD 4 Bytes [C2, 04, 00, 00] ---- Devices - GMER 1.0.15 ---- AttachedDevice \FileSystem\Ntfs \Ntfs eamon.sys (Amon monitor/ESET) AttachedDevice \Driver\Tcpip \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x23 0xAC 0xEE 0xE8 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x23 0xAC 0xEE 0xE8 ... ---- EOF - GMER 1.0.15 ----

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2010-09-02 16:02:30 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Welcome\Pulpit\CLEAN UP Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 22,14 Gb Free Space | 15,12% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 0,67 Gb Free Space | 0,34% Space Free | Partition Type: NTFS Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: Welcome Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe PRC - [2010-07-28 09:31:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2008-09-20 21:36:11 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe MOD - [2008-09-20 21:35:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(Atheros)) Atheros ZD1211B IEEE 802.11 Wireless LAN Driver (USB)(Atheros) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\IMV8389.tmp -- (GarenaPEngine) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - [2010-05-28 13:47:07 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2009-11-26 00:06:34 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-04-01 02:09:16 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-04-01 02:09:16 | 000,011,904 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-04-01 02:09:14 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008-11-12 15:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-09-20 21:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-07-08 15:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008-07-08 15:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) DRV - [2008-07-08 15:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008-07-08 15:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM) DRV - [2008-07-08 15:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2008-04-29 10:00:00 | 000,288,896 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2008-04-17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-10-23 18:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2006-11-30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2004-10-15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.backup.ftp: "proxy.triple.pl" FF - prefs.js..network.proxy.backup.ftp_port: 8080 FF - prefs.js..network.proxy.backup.gopher: "proxy.triple.pl" FF - prefs.js..network.proxy.backup.gopher_port: 8080 FF - prefs.js..network.proxy.backup.socks: "proxy.triple.pl" FF - prefs.js..network.proxy.backup.socks_port: 8080 FF - prefs.js..network.proxy.backup.ssl: "proxy.triple.pl" FF - prefs.js..network.proxy.backup.ssl_port: 8080 FF - prefs.js..network.proxy.ftp: "proxy.triple.pl" FF - prefs.js..network.proxy.ftp_port: 8080 FF - prefs.js..network.proxy.gopher: "proxy.triple.pl" FF - prefs.js..network.proxy.gopher_port: 8080 FF - prefs.js..network.proxy.http: "proxy.triple.pl" FF - prefs.js..network.proxy.http_port: 8080 FF - prefs.js..network.proxy.share_proxy_settings: true FF - prefs.js..network.proxy.socks: "proxy.triple.pl" FF - prefs.js..network.proxy.socks_port: 8080 FF - prefs.js..network.proxy.ssl: "proxy.triple.pl" FF - prefs.js..network.proxy.ssl_port: 8080 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-31 16:29:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-28 09:31:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-05-30 21:47:59 | 000,000,000 | ---D | M] [2010-04-27 23:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Extensions [2010-09-01 12:19:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions [2008-10-12 21:33:32 | 000,000,000 | ---D | M] (X-Wars GHOST Plugin) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{90BCCD47-C818-41be-910E-0582947E30AF} [2010-07-15 14:51:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-09 22:24:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2008-10-26 08:58:03 | 000,000,523 | ---- | M] () -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\daemon-search.xml [2009-01-05 20:02:20 | 000,001,196 | ---- | M] () -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\winamp-search.xml [2010-09-01 12:19:53 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-05 17:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-05 17:58:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-11 10:07:00 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll [2010-07-15 12:42:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-15 12:42:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-15 12:42:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-15 12:42:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-15 12:42:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-15 12:42:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-03-06 00:23:47 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] File not found O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [ZDWLan_Utility] File not found O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-12 19:44:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\Shell - "" = AutoRun O33 - MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-09-01 23:29:32 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Welcome\Recent [2010-08-05 20:51:16 | 000,000,000 | ---D | C] -- C:\Riot Games [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-09-02 16:00:05 | 000,199,135 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-09-02 15:59:59 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-02 15:59:56 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-01 23:40:50 | 008,388,608 | -H-- | M] () -- C:\Documents and Settings\Welcome\NTUSER.DAT [2010-09-01 19:04:02 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Welcome\ntuser.ini [2010-09-01 14:24:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-31 16:31:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-31 16:31:32 | 000,082,432 | ---- | M] () -- C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-08-30 01:55:06 | 000,000,478 | -H-- | M] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-08-29 16:10:02 | 000,000,624 | ---- | M] () -- C:\WINDOWS\win.ini [2010-08-29 16:10:02 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-08-29 16:10:02 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-08-12 12:54:27 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-08-24 13:44:43 | 000,000,478 | -H-- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-08-24 13:42:21 | 801,547,164 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi [2010-08-09 11:53:50 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [2010-05-30 21:51:13 | 000,082,432 | ---- | C] () -- C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-22 16:30:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010-03-22 16:28:28 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2009-11-02 00:50:16 | 001,208,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-08-29 19:35:29 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ra3.ini [2009-07-12 22:49:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-14 22:41:12 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2008-12-08 14:53:37 | 000,000,499 | ---- | C] () -- C:\WINDOWS\BDE.INI [2008-12-08 14:53:37 | 000,000,177 | ---- | C] () -- C:\WINDOWS\BCW5.INI [2008-12-08 14:53:37 | 000,000,085 | ---- | C] () -- C:\WINDOWS\TDW.INI [2008-12-08 14:53:36 | 000,188,448 | ---- | C] () -- C:\WINDOWS\System32\bocof.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw32000c.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw320007.dll [2008-12-08 14:53:36 | 000,000,586 | ---- | C] () -- C:\WINDOWS\owl.ini [2008-11-29 22:18:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-11-20 15:44:17 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-02 12:07:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008-10-25 22:51:56 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-10-13 07:28:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-10-13 07:28:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-10-12 21:36:36 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-10-12 21:36:36 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-10-12 21:36:36 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-10-12 21:36:36 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-12 21:25:36 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008-10-12 19:40:33 | 000,058,750 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini [2008-10-12 19:40:32 | 000,014,972 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini [2008-10-12 19:40:31 | 000,018,031 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-06-05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-01-14 13:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll [color=#E56717]========== LOP Check ==========[/color] [2010-03-18 01:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2008-10-12 22:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CCP [2010-05-04 14:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2010-05-30 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-20 20:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 18:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-08-05 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-03-22 16:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2010-06-14 21:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee [2010-04-02 11:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-17 14:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test [2010-07-18 12:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test105 [2010-05-10 20:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Command and Conquer 4 [2008-10-26 08:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\DAEMON Tools [2010-02-24 11:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Gadu-Gadu 10 [2010-02-25 12:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LG Electronics [2010-07-17 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LolClient [2010-03-29 00:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mount&Blade [2010-06-05 11:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape [2010-08-05 21:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\TS3Client [2010-09-01 14:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2010-09-02 16:02:30 - Run 1 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Welcome\Pulpit\CLEAN UP Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 75,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 92,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 22,14 Gb Free Space | 15,12% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 0,67 Gb Free Space | 0,34% Space Free | Partition Type: NTFS Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: Welcome Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "57653:TCP" = 57653:TCP:*:Enabled:Pando Media Booster "57653:UDP" = 57653:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724 "57653:TCP" = 57653:TCP:*:Enabled:Pando Media Booster "57653:UDP" = 57653:UDP:*:Enabled:Pando Media Booster "8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher "8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher "6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher "6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher "8378:TCP" = 8378:TCP:*:Enabled:League of Legends Launcher "8378:UDP" = 8378:UDP:*:Enabled:League of Legends Launcher "8379:TCP" = 8379:TCP:*:Enabled:League of Legends Launcher "8379:UDP" = 8379:UDP:*:Enabled:League of Legends Launcher "6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher "6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher "6955:TCP" = 6955:TCP:*:Enabled:League of Legends Launcher "6955:UDP" = 6955:UDP:*:Enabled:League of Legends Launcher [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- File not found "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.) "C:\Gry\EVE\bin\ExeFile.exe" = C:\Gry\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile -- File not found "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Gry\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe" = C:\Gry\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V - Dzikie Hordy -- File not found "C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi -- File not found "C:\Gry\Spring\SpringDownloader.exe" = C:\Gry\Spring\SpringDownloader.exe:*:Enabled:SpringDownloader -- (caspring.org) "C:\Program Files\NX Client for Windows\nxclient.exe" = C:\Program Files\NX Client for Windows\nxclient.exe:*:Enabled:nxclient -- File not found "C:\Program Files\NX Client for Windows\bin\nxssh.exe" = C:\Program Files\NX Client for Windows\bin\nxssh.exe:*:Enabled:nxssh -- File not found "C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- () "C:\Gry\Władca Pierścieni® - Podbój™\Conquest.exe" = C:\Gry\Władca Pierścieni® - Podbój™\Conquest.exe:*:Enabled:Game -- File not found "C:\Gry\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Program Files\Konnekt\konnekt.exe" = C:\Program Files\Konnekt\konnekt.exe:*:Enabled:Konnekt - Core -- File not found "C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- File not found "C:\Gry\World of Warcraft\BackgroundDownloader.exe" = C:\Gry\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\Launcher.exe" = C:\Gry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found "C:\Gry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\Gry\Warcraft III\Warcraft III.exe" = D:\Gry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found "C:\Gry\Warcraft III\Warcraft III.exe" = C:\Gry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment) "D:\Red Alert 3\Data\ra3_1.0.game" = D:\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\MatchMaker\identd.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\MatchMaker\identd.exe:*:Enabled:identd -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\MatchMaker\identd.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\MatchMaker\identd.exe:*:Enabled:identd -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\populous\popTB.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\populous\popTB.exe:*:Enabled:D3Ddpop3w -- File not found "C:\Documents and Settings\Welcome\Moje dokumenty\OpenLieroX_0.57_beta8.win32\OpenLieroX\OpenLieroX.exe" = C:\Documents and Settings\Welcome\Moje dokumenty\OpenLieroX_0.57_beta8.win32\OpenLieroX\OpenLieroX.exe:*:Enabled:OpenLieroX -- File not found "C:\Gry\EA GAMES\Need for Speed Most Wanted\speed.exe" = C:\Gry\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed -- File not found "C:\Documents and Settings\Welcome\Pulpit\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip.Skullptura\Red Alert 3\Data\ra3_1.0.game" = C:\Documents and Settings\Welcome\Pulpit\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip.Skullptura\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found "C:\Gry\DoW DC\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Gry\DoW DC\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade -- File not found "C:\Gry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10522-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10522-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\Launcher.exe" = D:\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS) "C:\Gry\Ubisoft\Settlers IV - Zlota Edycja\Exe\S4_Main.exe" = C:\Gry\Ubisoft\Settlers IV - Zlota Edycja\Exe\S4_Main.exe:*:Enabled:S4_Main -- (Blue Byte Software, Inc.) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Steam\steamapps\teitbite\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\teitbite\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Gry\League of Legends\Air\LolClient.exe" = C:\Gry\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "C:\Gry\League of Legends\Game\League of Legends.exe" = C:\Gry\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () "C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{011D1ECA-74C7-429E-B97F-8FF154A0EC19}" = Wiggles "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2965C062-FBC0-4505-9EB8-4497252BB41F}" = Gothic II "{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer "{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-365CN "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758A4269-70E5-4B11-B419-F692882408A9}" = Gothic "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{81C6BFED-691E-402A-95DA-F6DE1A351045}" = Nero 8 "{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tyberyjski Zmierzch "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A2422674-F3A7-46F2-8966-EC6B1FBD6EB3}" = Settlers IV - Złota Edycja "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver "{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13 "{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C6754E95-9700-45AB-A6C5-668F5F449E27}" = LG Bluetooth Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D54640A3-2C2B-4CB1-9666-01E55F54E7F5}" = NCsoft Launcher "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "CCleaner" = CCleaner "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "ffdshow_is1" = ffdshow [rev 1803] [2008-01-20] "Foxit Reader" = Foxit Reader "Gadu-Gadu 10" = Gadu-Gadu 10 "Garena" = Garena 2010 "Graphical Enhancement Textures" = Graphical Enhancement Textures 2.5 "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "Knights and Merchants TPR" = Knights and Merchants TPR "League of Legends_is1" = League of Legends "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mount&Blade" = Mount&Blade "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NVIDIA Drivers" = NVIDIA Drivers "oDC" = oDC (remove only) "Picasa 3" = Picasa 3 "RealAlt_is1" = Real Alternative 1.7.5 "SkanerOnline" = Skaner on-line mks_vir "Steam App 10" = Counter-Strike "SubEdit-Player_is1" = SubEdit-Player "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Virtua Tennis" = Virtua Tennis "Winamp" = Winamp "WinRAR archiver" = WinRAR archiver "Xfire" = Xfire (remove only) "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "xvid" = XviD MPEG-4 Video Codec [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Octoshape Streaming Services" = Octoshape Streaming Services "uTorrent" = µTorrent "Warcraft III" = Warcraft III: wszystkie elementy "World of Logs Client" = World of Logs Client [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-04-19 17:04:23 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/04/19 23:04:23.927]: [00000640]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-04-28 04:52:31 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/04/28 10:52:31.046]: [00000700]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-14 11:44:25 | Computer Name = PC | Source = ESENT | ID = 482 Description = wuauclt (1536) Próba zapisu do pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" na pozycji względnej 0 (0x0000000000000000) w ilości 8192 (0x00002000) bajtów zakończyła się niepomyślnie z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error - 2010-05-14 11:44:25 | Computer Name = PC | Source = ESENT | ID = 439 Description = wuauclt (1536) Nie można dokonać zapisu lustrzanego nagłówka pliku C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Błąd -1808. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 482 Description = wuauclt (184) Próba zapisu do pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk" na pozycji względnej 0 (0x0000000000000000) w ilości 4096 (0x00001000) bajtów zakończyła się niepomyślnie z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 439 Description = wuauclt (184) Nie można dokonać zapisu lustrzanego nagłówka pliku C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk. Błąd -1808. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 454 Description = wuauclt (184) Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -510. Error - 2010-05-18 05:23:04 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/18 11:23:04.089]: [00000948]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-24 05:51:27 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/24 11:51:27.671]: [00000976]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-26 05:48:27 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/26 11:48:27.015]: [00000976]: CUsbScnDev: DeviceIoControl Illegal response [ System Events ] Error - 2010-09-01 17:20:12 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-01 17:20:14 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-09-02 04:41:12 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-02 06:01:40 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-02 06:01:48 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-09-02 06:01:52 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-09-02 09:56:36 | Computer Name = PC | Source = Service Control Manager | ID = 7031 Description = Usługa ESET Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. W przeciągu 0 milisekund zostanie podjęta następująca czynność korekcyjna: Uruchom usługę ponownie. Error - 2010-09-02 10:00:14 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-02 10:00:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa NVIDIA Display Driver Service niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. Error - 2010-09-02 10:00:55 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

Malwarebytes' Anti-Malware

Kod: Zaznacz wszystko: Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Wersja bazy: 4052 Windows 5.1.2600 Dodatek Service Pack 3 Internet Explorer 7.0.5730.13 2010-09-02 17:31:03 mbam-log-2010-09-02 (17-31-03).txt Typ skanowania: Szybkie skanowanie Przeskanowano obiektów: 113937 Upłynęło: 12 minut(y), 13 sekund(y) Zainfekowanych procesów w pamięci: 0 Zainfekowanych modułów w pamięci: 0 Zainfekowanych kluczy rejestru: 0 Zainfekowanych wartości rejestru: 0 Zainfekowane informacje rejestru systemowego: 0 Zainfekowanych folderów: 0 Zainfekowanych plików: 0 Zainfekowanych procesów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych modułów w pamięci: (Nie znaleziono zagrożeń) Zainfekowanych kluczy rejestru: (Nie znaleziono zagrożeń) Zainfekowanych wartości rejestru: (Nie znaleziono zagrożeń) Zainfekowane informacje rejestru systemowego: (Nie znaleziono zagrożeń) Zainfekowanych folderów: (Nie znaleziono zagrożeń) Zainfekowanych plików: (Nie znaleziono zagrożeń)

**Posty:** 584 · przez **Andziorka** 02 Wrz 2010, 18:29

W okienko OTL wklej poniższy skrypt i klik na Wykonaj skrypt:

:Processes
explorer.exe

:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\IMV8389.tmp -- (GarenaPEngine)
FF - prefs.js..network.proxy.backup.ftp: "proxy.triple.pl"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.gopher: "proxy.triple.pl"
FF - prefs.js..network.proxy.backup.gopher_port: 8080
FF - prefs.js..network.proxy.backup.socks: "proxy.triple.pl"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "proxy.triple.pl"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: "proxy.triple.pl"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.gopher: "proxy.triple.pl"
FF - prefs.js..network.proxy.gopher_port: 8080
FF - prefs.js..network.proxy.http: "proxy.triple.pl"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "proxy.triple.pl"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: "proxy.triple.pl"
FF - prefs.js..network.proxy.ssl_port: 8080
O4 - HKLM..\Run: [AutoEJCD_0ACE20FF] File not found
O4 - HKLM..\Run: [ZDWLan_Utility] File not found
O4 - HKU\.DEFAULT..\RunOnce: [nltide_2] File not found
O4 - HKU\S-1-5-18..\RunOnce: [nltide_2] File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O33 - MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\Shell\AutoRun\command - "" = F:\Installer.exe -- File not found

:Files
C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\daemon-search.xml
C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\winamp-search.xml
C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Driver::
GarenaPEngine

:REG
[-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2]

:Commands
[emptytemp]
[emptyflash]
[clearallrestorepoints]

I daj powstałego po usunięciu loga.

Zaktualizuj IE do wersji 8, nawet jeśli nie używasz tej przeglądarki: http://www.microsoft.com/poland/windows/internet-explorer/
Wykonaj optymalizację systemu: http://forum.programosy.pl/optymalizacja-windowsa-xp-vt89133.html

Autor postu otrzymał pochwałę

**Posty:** 720 · przez **Devilek** 02 Wrz 2010, 23:35

Zrobione. Niestety dalej muli...

Kod: Zaznacz wszystko: All processes killed ========== PROCESSES ========== No active process named explorer.exe was found! ========== OTL ========== Service GarenaPEngine stopped successfully! Service GarenaPEngine deleted successfully! File C:\DOCUME~1\Welcome\USTAWI~1\Temp\IMV8389.tmp not found. Prefs.js: "proxy.triple.pl" removed from network.proxy.backup.ftp Prefs.js: 8080 removed from network.proxy.backup.ftp_port Prefs.js: "proxy.triple.pl" removed from network.proxy.backup.gopher Prefs.js: 8080 removed from network.proxy.backup.gopher_port Prefs.js: "proxy.triple.pl" removed from network.proxy.backup.socks Prefs.js: 8080 removed from network.proxy.backup.socks_port Prefs.js: "proxy.triple.pl" removed from network.proxy.backup.ssl Prefs.js: 8080 removed from network.proxy.backup.ssl_port Prefs.js: "proxy.triple.pl" removed from network.proxy.ftp Prefs.js: 8080 removed from network.proxy.ftp_port Prefs.js: "proxy.triple.pl" removed from network.proxy.gopher Prefs.js: 8080 removed from network.proxy.gopher_port Prefs.js: "proxy.triple.pl" removed from network.proxy.http Prefs.js: 8080 removed from network.proxy.http_port Prefs.js: true removed from network.proxy.share_proxy_settings Prefs.js: "proxy.triple.pl" removed from network.proxy.socks Prefs.js: 8080 removed from network.proxy.socks_port Prefs.js: "proxy.triple.pl" removed from network.proxy.ssl Prefs.js: 8080 removed from network.proxy.ssl_port Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\AutoEJCD_0ACE20FF deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ZDWLan_Utility deleted successfully. Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 deleted successfully. Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\nltide_2 not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\\{AEB6717E-7E19-11d0-97EE-00C04FD91972} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AEB6717E-7E19-11d0-97EE-00C04FD91972}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5fd95ff9-988d-11dd-abf0-806d6172696f}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5fd95ff9-988d-11dd-abf0-806d6172696f}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5fd95ff9-988d-11dd-abf0-806d6172696f}\ not found. File F:\Installer.exe not found. ========== FILES ========== C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\daemon-search.xml moved successfully. C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\searchplugins\winamp-search.xml moved successfully. C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully. File\Folder Driver:: not found. File\Folder GarenaPEngine not found. ========== REGISTRY ========== Registry key HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine\ not found. Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\ deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 41620 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 32902 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 67 bytes User: Welcome ->Temp folder emptied: 303536 bytes ->Temporary Internet Files folder emptied: 96275 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 30307088 bytes ->Flash cache emptied: 48460 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 68638 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 29,00 mb [EMPTYFLASH] User: All Users User: Default User ->Flash cache emptied: 0 bytes User: LocalService User: NetworkService User: Welcome ->Flash cache emptied: 0 bytes Total Flash Files Cleaned = 0,00 mb Restore points cleared and new OTL Restore Point set! OTL by OldTimer - Version 3.2.11.0 log created on 09022010_232601 Files\Folders moved on Reboot... File\Folder C:\WINDOWS\temp\Perflib_Perfdata_cc0.dat not found! Registry entries deleted on Reboot..

**Posty:** 584 · przez **Andziorka** 02 Wrz 2010, 23:47

A optymalizacja wykonana? Defragmentacja, usuwanie zbędników z msconfig etc? Daj nowego loga z OTL jeszcze. I sprawdź temperatury komputera np. programem Everest i podaj na forum.

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 00:24

Wykonana.

Kod: Zaznacz wszystko: OTL aOTL logfile created on: 2010-09-03 00:12:07 - Run 2 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Welcome\Pulpit\CLEAN UP Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 74,00% Memory free 4,00 Gb Paging File | 4,00 Gb Available in Paging File | 91,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 19,95 Gb Free Space | 13,62% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 6,72 Gb Free Space | 3,44% Space Free | Partition Type: NTFS Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: Welcome Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe PRC - [2010-07-28 09:31:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2009-10-02 01:00:00 | 002,430,048 | ---- | M] (Lavalys, Inc.) -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\everest.exe PRC - [2008-09-20 21:36:11 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe MOD - [2008-09-20 21:35:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ) SRV - [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(Atheros)) Atheros ZD1211B IEEE 802.11 Wireless LAN Driver (USB)(Atheros) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - [2010-05-28 13:47:07 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2009-11-26 00:06:34 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-10-02 01:00:00 | 000,027,248 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Lavalys\EVEREST Ultimate Edition\kerneld.wnt -- (EverestDriver) DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-04-01 02:09:16 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-04-01 02:09:16 | 000,011,904 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-04-01 02:09:14 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008-11-12 15:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-09-20 21:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-07-08 15:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008-07-08 15:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) DRV - [2008-07-08 15:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008-07-08 15:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM) DRV - [2008-07-08 15:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2008-04-29 10:00:00 | 000,288,896 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2008-04-17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-10-23 18:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2006-11-30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2004-10-15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: "" FF - prefs.js..network.proxy.backup.gopher: "" FF - prefs.js..network.proxy.backup.gopher_port: "" FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: "" FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: "" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-31 16:29:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-28 09:31:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-05-30 21:47:59 | 000,000,000 | ---D | M] [2010-04-27 23:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Extensions [2010-09-02 16:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions [2008-10-12 21:33:32 | 000,000,000 | ---D | M] (X-Wars GHOST Plugin) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{90BCCD47-C818-41be-910E-0582947E30AF} [2010-07-15 14:51:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-09 22:24:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-09-02 16:20:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-05 17:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-05 17:58:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-11 10:07:00 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll [2010-07-15 12:42:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-15 12:42:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-15 12:42:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-15 12:42:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-15 12:42:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-15 12:42:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-03-06 00:23:47 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-12 19:44:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-09-02 23:26:01 | 000,000,000 | ---D | C] -- C:\_OTL [2010-09-02 23:23:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Welcome\IETldCache [2010-09-02 23:08:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-09-02 22:38:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-09-02 22:36:08 | 000,000,000 | ---D | C] -- C:\1e2621fdad34190dd57265b707fe5c [2010-09-02 18:45:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-09-02 18:45:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-09-02 18:44:54 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010-09-02 18:44:51 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-09-02 18:44:44 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-09-02 18:43:56 | 000,000,000 | ---D | C] -- C:\fecbf9cee108d3f1cf43070b2dca3a [2010-09-02 18:38:59 | 017,037,680 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\Welcome\Pulpit\IE8-WindowsXP-x86-PLK.exe [2010-09-02 16:21:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Welcome\Recent [2010-08-05 20:51:16 | 000,000,000 | ---D | C] -- C:\Riot Games [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-09-03 00:11:41 | 000,043,934 | ---- | M] () -- C:\Documents and Settings\Welcome\Pulpit\aaa.jpg [2010-09-02 23:57:42 | 000,199,135 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-09-02 23:57:36 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-02 23:57:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-02 23:54:12 | 008,388,608 | -H-- | M] () -- C:\Documents and Settings\Welcome\NTUSER.DAT [2010-09-02 23:11:40 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-09-02 23:06:31 | 000,000,476 | -H-- | M] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-09-02 22:49:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-09-02 22:49:14 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo [2010-09-02 22:35:59 | 000,000,624 | ---- | M] () -- C:\WINDOWS\win.ini [2010-09-02 22:35:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-09-02 22:35:59 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-09-02 18:56:41 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Welcome\ntuser.ini [2010-09-02 18:39:05 | 017,037,680 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Welcome\Pulpit\IE8-WindowsXP-x86-PLK.exe [2010-08-31 16:31:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-12 12:54:27 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-02 23:06:18 | 000,000,476 | -H-- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-09-02 23:04:06 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-09-02 22:49:14 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo [2010-08-24 13:42:21 | 801,547,164 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi [2010-08-09 11:53:50 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-22 16:30:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010-03-22 16:28:28 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2009-11-02 00:50:16 | 001,208,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-08-29 19:35:29 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ra3.ini [2009-07-12 22:49:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-14 22:41:12 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2008-12-08 14:53:37 | 000,000,499 | ---- | C] () -- C:\WINDOWS\BDE.INI [2008-12-08 14:53:37 | 000,000,177 | ---- | C] () -- C:\WINDOWS\BCW5.INI [2008-12-08 14:53:37 | 000,000,085 | ---- | C] () -- C:\WINDOWS\TDW.INI [2008-12-08 14:53:36 | 000,188,448 | ---- | C] () -- C:\WINDOWS\System32\bocof.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw32000c.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw320007.dll [2008-12-08 14:53:36 | 000,000,586 | ---- | C] () -- C:\WINDOWS\owl.ini [2008-11-29 22:18:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-11-20 15:44:17 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-02 12:07:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008-10-25 22:51:56 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-10-13 07:28:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-10-13 07:28:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-10-12 21:36:36 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-10-12 21:36:36 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-10-12 21:36:36 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-10-12 21:36:36 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-12 21:25:36 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008-10-12 19:40:33 | 000,058,750 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini [2008-10-12 19:40:32 | 000,014,972 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini [2008-10-12 19:40:31 | 000,018,031 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-06-05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-01-14 13:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-03-18 01:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2008-10-12 22:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CCP [2010-05-04 14:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2010-05-30 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-20 20:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 18:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-08-05 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-03-22 16:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2010-06-14 21:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee [2010-04-02 11:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-17 14:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test [2010-07-18 12:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test105 [2010-05-10 20:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Command and Conquer 4 [2008-10-26 08:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\DAEMON Tools [2010-02-24 11:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Gadu-Gadu 10 [2010-02-25 12:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LG Electronics [2010-07-17 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LolClient [2010-03-29 00:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mount&Blade [2010-06-05 11:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape [2010-08-05 21:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\TS3Client [2010-09-01 14:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report >

Drugi log sie nie pojawil o_O (??)..

Co do temperatur to dosc dziwna sprawa.. Instaluje Everesta patrze na temperatury a tam prawie 80*...

W biosie to samo.. Co najlepsze po odkręceniu budy radiator nie jest w ogole gorący. Jest conajwyzej lekko cieply. A wiatrak na procku sie nie kreci.. Musialem go lekko walnac reka by sie wzial do roboty... Co i tak wiele nie pomoglo bo kreci sie jakby chcial a nie moze.. Momentalnie wszystko wyczyscilem w srodku z wszelkiego kurzy i innych pasci ale dalej cos jets nie halo.

**Posty:** 584 · przez **Andziorka** 03 Wrz 2010, 00:31

W biosie to samo

To albo taka temperatura jest rzeczywiście, albo walnięty czujnik. Jaki masz procesor?
A sprawdź programem Core Temp temperaturę może. Wiatrak w takim razie klasyfikowałby się do wymiany.

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 00:36

Wedlug tego programy temperatura waha sie miedzy 80 a 82 stopnie.. Co mnie troche dziwi bo jakby faktycznie taka temperatura byla to raczej bym bez problemu radiatora nie dotknal..

**Posty:** 584 · przez **Andziorka** 03 Wrz 2010, 00:39

To może być walnięty czujnik skoro normalnie dotykasz radiator i nie parzy.. A jaki procesor?

Drive C: | 146,48 Gb Total Space | 19,95 Gb Free Space | 13,62% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 6,72 Gb Free Space | 3,44% Space Free | Partition Type: NTFS
Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS

Zwolnij miejsce na dyskach.

http://www.driverskit.com/dll/hidserv.dll/963.html pobierz i wrzuć do katalogu: C:\WINDOWS\System32

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation)

Wyłącz w msconfig.

Log czysty.

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 09:52

Procesor C2D E4500.Boxowe chlodzenie bez zadnych zabaw w OC i inne duperela. Rano np juz poprawnie temperature pokazuje 45*.. Chociarz nonstop rosnie mimo tego ze nic nie robie.

Do jakiego poziomu zwiększyć miejsce na dyskach?

Reszta zrobiona.

**Posty:** 2183 · przez **NieWiem** 03 Wrz 2010, 10:03

Powymądrzam się trochę.

1. Używasz Gareny?
2. Od jak dawna używasz ESETa.
3. Wyinstaluj zupełnie Hamachi i zobacz czy mu odpuści.

Autor postu otrzymał pochwałę

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 10:40

1. Tak.
2. Od paru ladnych miesiecy.
3. No teoretycznie jest winstalowany. Bynamniej nie umie znalesc zadnych pozostalosci po nim na dysku.

**Posty:** 2183 · przez **NieWiem** 03 Wrz 2010, 10:47

Andziorka powywalała Ci sterowniki od Gareny. Może nie chodzić.
Czy w trybie awaryjnym tak samo system się ciągnie? Kiedy najbardziej?
Wykonaj nowe, świeże logi z OTL i loga z Gmera na ustawieniu -> rootkit/malware - zaznacz tylko usługi -> zaznacz pokaż wszystko.
Są jakieś pozostałości od Hamachi, które ręcznie wyciśniemy.

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 13:26

Garena dziala.
W trybie awaryjnym na moje oko bez wiekszych problemow dziala. Najbardziej muli tak po kilku minutach od uruchomienia kompa jak zaczone cos na nim robic.

GMER (po wykonaniu loga proces explorer.exe zaczal mi zjadac 80% CPU, skonczylo sie na restarcie)
http://www.wklej.org/id/384829/

OTL

Kod: Zaznacz wszystko: OTL logfile created on: 2010-09-03 13:33:07 - Run 4 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Welcome\Pulpit\CLEAN UP Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 19,97 Gb Free Space | 13,63% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 6,72 Gb Free Space | 3,44% Space Free | Partition Type: NTFS Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: Welcome Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Processes (SafeList) ==========[/color] PRC - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe PRC - [2010-07-28 09:31:01 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe PRC - [2010-07-22 01:24:16 | 012,477,024 | ---- | M] (GG Network S.A.) -- C:\Program Files\Gadu-Gadu 10\gg.exe PRC - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe PRC - [2009-11-16 09:03:32 | 002,054,360 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe PRC - [2008-09-20 21:36:11 | 001,035,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe PRC - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetsrv\inetinfo.exe [color=#E56717]========== Modules (SafeList) ==========[/color] MOD - [2010-09-02 11:06:01 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Welcome\Pulpit\CLEAN UP\OTL.exe MOD - [2008-09-20 21:35:32 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx [color=#E56717]========== Win32 Services (SafeList) ==========[/color] SRV - [2010-05-03 19:01:00 | 003,658,096 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\WINDOWS\System32\GameMon.des -- (npggsvc) SRV - [2009-11-16 09:12:54 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv) SRV - [2009-11-16 09:04:30 | 000,735,960 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC) SRV - [2008-09-20 21:35:59 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN) [color=#E56717]========== Driver Services (SafeList) ==========[/color] DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\zd1211Bu.sys -- (ZD1211BU(Atheros)) Atheros ZD1211B IEEE 802.11 Wireless LAN Driver (USB)(Atheros) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\Video3D32.sys -- (Video3D) DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\cpuz130\cpuz_x32.sys -- (cpuz130) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOCUME~1\Welcome\USTAWI~1\Temp\ALSysIO.sys -- (ALSysIO) DRV - [2010-09-03 13:16:02 | 000,025,616 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Welcome\Ustawienia lokalne\temp\KBR5B.tmp -- (GarenaPEngine) DRV - [2010-05-28 13:47:07 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50) DRV - [2009-11-26 00:06:34 | 000,034,384 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ScreamingBAudio.sys -- (SCREAMINGBDRIVER) DRV - [2009-11-16 09:06:50 | 000,096,408 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir) DRV - [2009-11-16 09:03:36 | 000,108,792 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ehdrv.sys -- (ehdrv) DRV - [2009-11-16 08:56:12 | 000,116,520 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon) DRV - [2009-09-23 10:41:58 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi) DRV - [2009-04-01 02:09:16 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgvmodem.sys -- (LGVMODEM) DRV - [2009-04-01 02:09:16 | 000,011,904 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtport.sys -- (LgBttPort) DRV - [2009-04-01 02:09:14 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\lgbtbus.sys -- (lgbusenum) DRV - [2008-12-26 12:56:04 | 000,017,792 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vcsvad.sys -- (VCSVADHWSer) Avnex Virtual Audio Device (WDM) DRV - [2008-11-12 15:54:00 | 006,188,320 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv) DRV - [2008-09-20 21:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus) DRV - [2008-07-08 15:55:56 | 000,121,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdm.sys -- (lgmdmdm) DRV - [2008-07-08 15:55:56 | 000,114,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmgmt.sys -- (lgmdmgmt) LG Mobile USB WMC Device Management Drivers (WDM) DRV - [2008-07-08 15:55:56 | 000,111,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdobex.sys -- (lgmdobex) DRV - [2008-07-08 15:55:56 | 000,089,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdbus.sys -- (lgmdbus) LG Mobile driver (WDM) DRV - [2008-07-08 15:55:56 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lgmdmdfl.sys -- (lgmdmdfl) DRV - [2008-04-29 10:00:00 | 000,288,896 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp) DRV - [2008-04-17 16:33:26 | 004,707,328 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM) DRV - [2007-10-23 18:48:16 | 000,012,416 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asusgsb.sys -- (asusgsb) DRV - [2006-11-30 16:13:56 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se45bus.sys -- (se45bus) Sony Ericsson Device 069 driver (WDM) DRV - [2006-06-14 14:44:30 | 000,012,288 | R--- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\EIO_XP.sys -- (EIO_XP) DRV - [2004-10-15 13:50:20 | 000,015,295 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BrScnUsb.sys -- (BrScnUsb) [color=#E56717]========== Standard Registry (SafeList) ==========[/color] [color=#E56717]========== Internet Explorer ==========[/color] IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie IE - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 [color=#E56717]========== FireFox ==========[/color] FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "google.pl" FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.8.20100408.6 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..network.proxy.backup.ftp: "" FF - prefs.js..network.proxy.backup.ftp_port: "" FF - prefs.js..network.proxy.backup.gopher: "" FF - prefs.js..network.proxy.backup.gopher_port: "" FF - prefs.js..network.proxy.backup.socks: "" FF - prefs.js..network.proxy.backup.socks_port: "" FF - prefs.js..network.proxy.backup.ssl: "" FF - prefs.js..network.proxy.backup.ssl_port: "" FF - prefs.js..network.proxy.type: 0 FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010-07-31 16:29:20 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010-07-28 09:31:03 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2010-05-30 21:47:59 | 000,000,000 | ---D | M] [2010-04-27 23:44:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Extensions [2010-09-02 16:20:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions [2008-10-12 21:33:32 | 000,000,000 | ---D | M] (X-Wars GHOST Plugin) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{90BCCD47-C818-41be-910E-0582947E30AF} [2010-07-15 14:51:09 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010-04-09 22:24:43 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Welcome\Dane aplikacji\Mozilla\Firefox\Profiles\ocbmo63o.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2010-09-02 16:20:23 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions [2010-06-05 17:59:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-06-05 17:58:57 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll [2007-12-11 10:07:00 | 000,307,200 | ---- | M] (ESKA) -- C:\Program Files\Mozilla Firefox\plugins\npOggX.dll [2010-07-15 12:42:51 | 000,002,767 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\allegro-pl.xml [2010-07-15 12:42:51 | 000,001,406 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\fbc-pl.xml [2010-07-15 12:42:51 | 000,000,917 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\merlin-pl.xml [2010-07-15 12:42:51 | 000,000,858 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\pwn-pl.xml [2010-07-15 12:42:51 | 000,001,183 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-pl.xml [2010-07-15 12:42:51 | 000,001,683 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wp-pl.xml O1 HOSTS File: ([2009-03-06 00:23:47 | 000,000,686 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS O1 - Hosts: 127.0.0.1 localhost O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET) O4 - HKLM..\Run: [PPort11reminder] C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableStatusMessages = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.) O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} http://www.mks.com.pl/skaner/SkanerOnline.cab (MksSkanerOnline Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.179.1.63 62.179.1.62 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Moja bieżąca strona główna) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2008-10-12 19:44:55 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2010-09-03 09:49:07 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll [2010-09-02 23:26:01 | 000,000,000 | ---D | C] -- C:\_OTL [2010-09-02 23:23:24 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Welcome\IETldCache [2010-09-02 23:08:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010-09-02 22:38:35 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010-09-02 22:36:08 | 000,000,000 | ---D | C] -- C:\1e2621fdad34190dd57265b707fe5c [2010-09-02 18:45:08 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010-09-02 18:45:07 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010-09-02 18:44:54 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll [2010-09-02 18:44:51 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010-09-02 18:44:44 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll [2010-09-02 18:43:56 | 000,000,000 | ---D | C] -- C:\fecbf9cee108d3f1cf43070b2dca3a [2010-09-02 16:21:01 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Welcome\Recent [2010-08-05 20:51:16 | 000,000,000 | ---D | C] -- C:\Riot Games [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2010-09-03 13:29:02 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-09-03 13:29:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-09-03 13:25:42 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-03 13:16:28 | 000,001,002 | ---- | M] () -- C:\Documents and Settings\Welcome\Pulpit\CoreTemp.ini [2010-09-03 13:16:28 | 000,000,011 | ---- | M] () -- C:\Documents and Settings\Welcome\Pulpit\Plugins.ini [2010-09-03 10:38:59 | 008,388,608 | -H-- | M] () -- C:\Documents and Settings\Welcome\NTUSER.DAT [2010-09-03 09:44:03 | 000,000,624 | ---- | M] () -- C:\WINDOWS\win.ini [2010-09-03 09:44:03 | 000,000,281 | RHS- | M] () -- C:\boot.ini [2010-09-03 09:44:03 | 000,000,258 | ---- | M] () -- C:\WINDOWS\system.ini [2010-09-03 09:42:29 | 000,199,135 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010-09-03 00:33:31 | 000,000,292 | -HS- | M] () -- C:\Documents and Settings\Welcome\ntuser.ini [2010-09-03 00:21:56 | 000,000,045 | ---- | M] () -- C:\WINDOWS\System32\initdebug.nfo [2010-09-03 00:11:41 | 000,043,934 | ---- | M] () -- C:\Documents and Settings\Welcome\Pulpit\aaa.jpg [2010-09-02 23:11:40 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010-09-02 23:06:31 | 000,000,476 | -H-- | M] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-09-02 22:49:33 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010-08-31 16:31:33 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010-08-29 15:02:20 | 000,439,824 | ---- | M] () -- C:\Documents and Settings\Welcome\Pulpit\Core Temp.exe [2010-08-12 12:54:27 | 000,020,992 | ---- | M] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | M] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [color=#E56717]========== Files Created - No Company Name ==========[/color] [2010-09-03 13:25:42 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\Welcome\Ustawienia lokalne\Dane aplikacji\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010-09-03 13:16:28 | 000,001,002 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\CoreTemp.ini [2010-09-03 13:16:28 | 000,000,011 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Plugins.ini [2010-09-03 09:45:22 | 000,439,824 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Core Temp.exe [2010-09-02 23:06:18 | 000,000,476 | -H-- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi.ini [2010-09-02 23:04:06 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK [2010-09-02 22:49:14 | 000,000,045 | ---- | C] () -- C:\WINDOWS\System32\initdebug.nfo [2010-08-24 13:42:21 | 801,547,164 | ---- | C] () -- C:\Documents and Settings\Welcome\Pulpit\Epizod 19 Weronika.avi [2010-08-09 11:53:50 | 000,020,992 | ---- | C] () -- C:\Documents and Settings\Welcome\Moje dokumenty\Krzysztof Piotrowiak.doc [2010-08-05 20:54:16 | 000,001,617 | ---- | C] () -- C:\Documents and Settings\All Users\Pulpit\League of Legends US.lnk [2010-05-28 02:09:00 | 000,041,872 | ---- | C] () -- C:\WINDOWS\System32\xfcodec.dll [2010-03-22 16:30:47 | 000,000,404 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010-03-22 16:28:28 | 000,031,767 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2009-11-02 00:50:16 | 001,208,840 | ---- | C] () -- C:\Documents and Settings\LocalService\Ustawienia lokalne\Dane aplikacji\FontCache3.0.0.0.dat [2009-08-29 19:35:29 | 000,000,040 | ---- | C] () -- C:\Documents and Settings\All Users\Dane aplikacji\ra3.ini [2009-07-12 22:49:53 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2008-12-14 22:41:12 | 000,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini [2008-12-08 14:53:37 | 000,000,499 | ---- | C] () -- C:\WINDOWS\BDE.INI [2008-12-08 14:53:37 | 000,000,177 | ---- | C] () -- C:\WINDOWS\BCW5.INI [2008-12-08 14:53:37 | 000,000,085 | ---- | C] () -- C:\WINDOWS\TDW.INI [2008-12-08 14:53:36 | 000,188,448 | ---- | C] () -- C:\WINDOWS\System32\bocof.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw32000c.dll [2008-12-08 14:53:36 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\bw320007.dll [2008-12-08 14:53:36 | 000,000,586 | ---- | C] () -- C:\WINDOWS\owl.ini [2008-11-29 22:18:27 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2008-11-20 15:44:17 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2008-11-02 12:07:56 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI [2008-10-25 22:51:56 | 000,003,972 | ---- | C] () -- C:\WINDOWS\System32\drivers\PciBus.sys [2008-10-13 07:28:12 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-10-13 07:28:12 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-10-12 21:36:36 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2008-10-12 21:36:36 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2008-10-12 21:36:36 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2008-10-12 21:36:36 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2008-10-12 21:25:36 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2008-10-12 19:40:33 | 000,058,750 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini [2008-10-12 19:40:32 | 000,014,972 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini [2008-10-12 19:40:31 | 000,018,031 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini [2008-10-07 10:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008-10-07 10:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008-06-05 08:58:26 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2003-04-08 12:40:22 | 000,005,679 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI [2002-01-14 13:37:00 | 000,459,776 | ---- | C] () -- C:\WINDOWS\System32\converter.dll [1996-04-03 21:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys [color=#E56717]========== LOP Check ==========[/color] [2010-03-18 01:05:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\AlawarWrapper [2008-10-12 22:11:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\CCP [2010-05-04 14:52:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\EA Core [2010-05-30 21:47:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ESET [2010-02-20 20:42:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Gadu-Gadu 10 [2010-03-28 18:15:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\OpenFM [2010-08-05 20:08:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\PMB Files [2010-03-22 16:28:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft [2010-06-14 21:14:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\Screaming Bee [2010-04-02 11:20:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dane aplikacji\stamina [2010-07-17 14:31:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test [2010-07-18 12:54:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\BugTrap Console Test105 [2010-05-10 20:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Command and Conquer 4 [2008-10-26 08:55:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\DAEMON Tools [2010-02-24 11:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Gadu-Gadu 10 [2010-02-25 12:54:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LG Electronics [2010-07-17 14:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\LolClient [2010-03-29 00:40:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Mount&Blade [2010-06-05 11:27:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape [2010-08-05 21:06:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\TS3Client [2010-09-01 14:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Welcome\Dane aplikacji\uTorrent [color=#E56717]========== Purity Check ==========[/color] < End of report >

Kod: Zaznacz wszystko: OTL Extras logfile created on: 2010-09-03 13:33:07 - Run 4 OTL by OldTimer - Version 3.2.11.0 Folder = C:\Documents and Settings\Welcome\Pulpit\CLEAN UP Windows XP Professional Edition Dodatek Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 71,00% Memory free 4,00 Gb Paging File | 3,00 Gb Available in Paging File | 90,00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 146,48 Gb Total Space | 19,97 Gb Free Space | 13,63% Space Free | Partition Type: NTFS Drive D: | 195,31 Gb Total Space | 6,72 Gb Free Space | 3,44% Space Free | Partition Type: NTFS Drive E: | 123,97 Gb Total Space | 1,67 Gb Free Space | 1,35% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: PC Current User Name: Welcome Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard [color=#E56717]========== Extra Registry (SafeList) ==========[/color] [color=#E56717]========== File Associations ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) [color=#E56717]========== Shell Spawning ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- Reg Error: Key error. http [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) https [open] -- "C:\Program Files\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [color=#E56717]========== Security Center Settings ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 1 "FirewallDisableNotify" = 1 "UpdatesDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "57653:TCP" = 57653:TCP:*:Enabled:Pando Media Booster "57653:UDP" = 57653:UDP:*:Enabled:Pando Media Booster [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DisableNotifications" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "3724:TCP" = 3724:TCP:*:Enabled:Blizzard Downloader: 3724 "57653:TCP" = 57653:TCP:*:Enabled:Pando Media Booster "57653:UDP" = 57653:UDP:*:Enabled:Pando Media Booster "8394:TCP" = 8394:TCP:*:Enabled:League of Legends Launcher "8394:UDP" = 8394:UDP:*:Enabled:League of Legends Launcher "6993:TCP" = 6993:TCP:*:Enabled:League of Legends Launcher "6993:UDP" = 6993:UDP:*:Enabled:League of Legends Launcher "8378:TCP" = 8378:TCP:*:Enabled:League of Legends Launcher "8378:UDP" = 8378:UDP:*:Enabled:League of Legends Launcher "8379:TCP" = 8379:TCP:*:Enabled:League of Legends Launcher "8379:UDP" = 8379:UDP:*:Enabled:League of Legends Launcher "6892:TCP" = 6892:TCP:*:Enabled:League of Legends Launcher "6892:UDP" = 6892:UDP:*:Enabled:League of Legends Launcher "6955:TCP" = 6955:TCP:*:Enabled:League of Legends Launcher "6955:UDP" = 6955:UDP:*:Enabled:League of Legends Launcher [color=#E56717]========== Authorized Applications List ==========[/color] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\Gadu-Gadu\gg.exe" = C:\Program Files\Gadu-Gadu\gg.exe:*:Enabled:Gadu-Gadu - program glowny -- File not found "C:\Program Files\mIRC\mirc.exe" = C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC -- (mIRC Co. Ltd.) "C:\Gry\EVE\bin\ExeFile.exe" = C:\Gry\EVE\bin\ExeFile.exe:*:Enabled:CCP ExeFile -- File not found "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found "C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.) "C:\Gry\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe" = C:\Gry\Heroes of Might and Magic V - Dzikie Hordy\bin\H5_Game.exe:*:Enabled:Heroes of Might and Magic V - Dzikie Hordy -- File not found "C:\Program Files\Hamachi\hamachi.exe" = C:\Program Files\Hamachi\hamachi.exe:*:Enabled:Hamachi -- File not found "C:\Gry\Spring\SpringDownloader.exe" = C:\Gry\Spring\SpringDownloader.exe:*:Enabled:SpringDownloader -- (caspring.org) "C:\Program Files\NX Client for Windows\nxclient.exe" = C:\Program Files\NX Client for Windows\nxclient.exe:*:Enabled:nxclient -- File not found "C:\Program Files\NX Client for Windows\bin\nxssh.exe" = C:\Program Files\NX Client for Windows\bin\nxssh.exe:*:Enabled:nxssh -- File not found "C:\Program Files\Ventrilo\Ventrilo.exe" = C:\Program Files\Ventrilo\Ventrilo.exe:*:Enabled:Ventrilo.exe -- () "C:\Gry\Władca Pierścieni® - Podbój™\Conquest.exe" = C:\Gry\Władca Pierścieni® - Podbój™\Conquest.exe:*:Enabled:Game -- File not found "C:\Gry\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.0.8.9464-to-3.0.8.9506-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Program Files\Konnekt\konnekt.exe" = C:\Program Files\Konnekt\konnekt.exe:*:Enabled:Konnekt - Core -- File not found "C:\Program Files\Curse\CurseClient.exe" = C:\Program Files\Curse\CurseClient.exe:*:Enabled:Curse Client -- File not found "C:\Gry\World of Warcraft\BackgroundDownloader.exe" = C:\Gry\World of Warcraft\BackgroundDownloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\Launcher.exe" = C:\Gry\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found "C:\Gry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\Gry\Warcraft III\Warcraft III.exe" = D:\Gry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- File not found "C:\Gry\Warcraft III\Warcraft III.exe" = C:\Gry\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III -- (Blizzard Entertainment) "D:\Red Alert 3\Data\ra3_1.0.game" = D:\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\MatchMaker\identd.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\MatchMaker\identd.exe:*:Enabled:identd -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\MatchMaker\identd.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\MatchMaker\identd.exe:*:Enabled:identd -- File not found "C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\populous\popTB.exe" = C:\Documents and Settings\Welcome\Pulpit\bullfrog\bullfrog\populous\popTB.exe:*:Enabled:D3Ddpop3w -- File not found "C:\Documents and Settings\Welcome\Moje dokumenty\OpenLieroX_0.57_beta8.win32\OpenLieroX\OpenLieroX.exe" = C:\Documents and Settings\Welcome\Moje dokumenty\OpenLieroX_0.57_beta8.win32\OpenLieroX\OpenLieroX.exe:*:Enabled:OpenLieroX -- File not found "C:\Gry\EA GAMES\Need for Speed Most Wanted\speed.exe" = C:\Gry\EA GAMES\Need for Speed Most Wanted\speed.exe:*:Enabled:speed -- File not found "C:\Documents and Settings\Welcome\Pulpit\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip.Skullptura\Red Alert 3\Data\ra3_1.0.game" = C:\Documents and Settings\Welcome\Pulpit\Command.and.Conquer.Red.Alert.3.Multi4.Full-Rip.Skullptura\Red Alert 3\Data\ra3_1.0.game:*:Enabled:Command & Conquer™ Red Alert™ 3 -- File not found "C:\Gry\DoW DC\Dawn of War - Dark Crusade\DarkCrusade.exe" = C:\Gry\DoW DC\Dawn of War - Dark Crusade\DarkCrusade.exe:*:Enabled:DarkCrusade -- File not found "C:\Gry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Gry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe" = C:\Gry\World of Warcraft\WoW-3.2.2.10482-to-3.2.2.10505-enGB-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10522-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10522-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10522-to-0.3.0.10554-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\Launcher.exe" = D:\World of Warcraft Public Test\Launcher.exe:*:Enabled:Blizzard Launcher -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10554-to-0.3.0.10571-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enGB-ptr-downloader.exe" = D:\World of Warcraft Public Test\WoW-0.3.0.10571-to-0.3.0.10596-enGB-ptr-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" = C:\Documents and Settings\Welcome\Dane aplikacji\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe:*:Enabled:Main program for Octoshape client -- (Octoshape ApS) "C:\Gry\Ubisoft\Settlers IV - Zlota Edycja\Exe\S4_Main.exe" = C:\Gry\Ubisoft\Settlers IV - Zlota Edycja\Exe\S4_Main.exe:*:Enabled:S4_Main -- (Blue Byte Software, Inc.) "C:\Program Files\Steam\Steam.exe" = C:\Program Files\Steam\Steam.exe:*:Enabled:Steam -- (Valve Corporation) "C:\Program Files\Steam\steamapps\teitbite\counter-strike\hl.exe" = C:\Program Files\Steam\steamapps\teitbite\counter-strike\hl.exe:*:Enabled:Counter-Strike -- (Valve) "C:\Program Files\Pando Networks\Media Booster\PMB.exe" = C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- () "C:\Gry\League of Legends\Air\LolClient.exe" = C:\Gry\League of Legends\Air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "C:\Gry\League of Legends\Game\League of Legends.exe" = C:\Gry\League of Legends\Game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () "C:\Riot Games\League of Legends\air\LolClient.exe" = C:\Riot Games\League of Legends\air\LolClient.exe:*:Enabled:League of Legends Lobby -- () "C:\Riot Games\League of Legends\game\League of Legends.exe" = C:\Riot Games\League of Legends\game\League of Legends.exe:*:Enabled:League of Legends Game Client -- () [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{011D1ECA-74C7-429E-B97F-8FF154A0EC19}" = Wiggles "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{1871FE54-36AA-478F-B374-A46BA54474CC}" = ESET NOD32 Antivirus "{1BA7B068-4719-42A3-B553-D4ED97434F92}" = ASUS Utilities "{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20 "{2965C062-FBC0-4505-9EB8-4497252BB41F}" = Gothic II "{296D8550-CB06-48E4-9A8B-E5034FB64715}" = Command & Conquer™ Red Alert™ 3 "{2AFF2951-86B1-3C53-B34D-B440F11E7D0A}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PLK "{2BC2781A-F7F6-452E-95EB-018A522F1B2C}" = PaperPort Image Printer "{32A3A4F4-B792-11D6-A78A-00B0D0160170}" = Java(TM) SE Development Kit 6 Update 17 "{350C9415-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A0DDC27-88E5-3CAD-BC3D-28FFD05CA6B9}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PLK "{5C4ED859-875F-4299-AA2C-E0E393BDCD21}" = ScanSoft PaperPort 11 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}" = Brother MFL-Pro Suite DCP-365CN "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{758A4269-70E5-4B11-B419-F692882408A9}" = Gothic "{789289CA-F73A-4A16-A331-54D498CE069F}" = Ventrilo Client "{81C6BFED-691E-402A-95DA-F6DE1A351045}" = Nero 8 "{82696435-8572-4D8B-A230-D1AA567D0F0F}" = Command & Conquer™ 4 Tyberyjski Zmierzch "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90110415-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9EFDFBA8-9174-3C61-8645-28376C5CA994}" = Microsoft .NET Framework 3.5 Language Pack SP1 - plk "{A2422674-F3A7-46F2-8966-EC6B1FBD6EB3}" = Settlers IV - Złota Edycja "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9}" = LG MC USB U330 driver "{AC54E544-3E42-443C-A91D-A00A6974C592}" = NVIDIA PhysX v8.10.13 "{B9CA59A0-3B70-48F8-9054-67595DE6E72B}" = League of Legends "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{C0E18DC4-C74A-4889-AE3A-933471023787}" = LG PC Suite III "{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "{C6754E95-9700-45AB-A6C5-668F5F449E27}" = LG Bluetooth Driver "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D54640A3-2C2B-4CB1-9666-01E55F54E7F5}" = NCsoft Launcher "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{FA02ACAC-9E14-4878-A257-92A22A647C2C}" = LG USB Modem Drivers "7-Zip" = 7-Zip 4.65 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "CCleaner" = CCleaner "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "ffdshow_is1" = ffdshow [rev 1803] [2008-01-20] "Foxit Reader" = Foxit Reader "Gadu-Gadu 10" = Gadu-Gadu 10 "Garena" = Garena 2010 "Graphical Enhancement Textures" = Graphical Enhancement Textures 2.5 "ie8" = Windows Internet Explorer 8 "InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}" = Fable - The Lost Chapters "Knights and Merchants TPR" = Knights and Merchants TPR "League of Legends_is1" = League of Legends "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 Language Pack SP1 - plk" = Pakiet językowy programu Microsoft .NET Framework 3.5 z dodatkiem SP1 — PLK "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "mIRC" = mIRC "Mount&Blade" = Mount&Blade "Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8) "NAPIPROJEKT_is1" = NAPIPROJEKT 1.0.6.2 "NVIDIA Drivers" = NVIDIA Drivers "oDC" = oDC (remove only) "Picasa 3" = Picasa 3 "RealAlt_is1" = Real Alternative 1.7.5 "SkanerOnline" = Skaner on-line mks_vir "Steam App 10" = Counter-Strike "SubEdit-Player_is1" = SubEdit-Player "SystemRequirementsLab" = System Requirements Lab "Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Virtua Tennis" = Virtua Tennis "Winamp" = Winamp "WinRAR archiver" = WinRAR archiver "Xfire" = Xfire (remove only) "XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0 "xvid" = XviD MPEG-4 Video Codec [color=#E56717]========== HKEY_USERS Uninstall List ==========[/color] [HKEY_USERS\S-1-5-21-1659004503-1801674531-682003330-1005\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "090215de958f1060" = Curse Client "Octoshape Streaming Services" = Octoshape Streaming Services "uTorrent" = µTorrent "Warcraft III" = Warcraft III: wszystkie elementy "World of Logs Client" = World of Logs Client [color=#E56717]========== Last 10 Event Log Errors ==========[/color] [ Application Events ] Error - 2010-04-19 17:04:23 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/04/19 23:04:23.927]: [00000640]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-04-28 04:52:31 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/04/28 10:52:31.046]: [00000700]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-14 11:44:25 | Computer Name = PC | Source = ESENT | ID = 482 Description = wuauclt (1536) Próba zapisu do pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb" na pozycji względnej 0 (0x0000000000000000) w ilości 8192 (0x00002000) bajtów zakończyła się niepomyślnie z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error - 2010-05-14 11:44:25 | Computer Name = PC | Source = ESENT | ID = 439 Description = wuauclt (1536) Nie można dokonać zapisu lustrzanego nagłówka pliku C:\WINDOWS\SoftwareDistribution\DataStore\Logs\tmp.edb. Błąd -1808. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 482 Description = wuauclt (184) Próba zapisu do pliku "C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk" na pozycji względnej 0 (0x0000000000000000) w ilości 4096 (0x00001000) bajtów zakończyła się niepomyślnie z błędem systemowym 112 (0x00000070): "Za mało miejsca na dysku. ". Operacja zapisu zostanie zakończona z błędem -1808 (0xfffff8f0). Jeśli ta sytuacja będzie się powtarzać, plik może być uszkodzony i może być konieczne przywrócenie go z wcześniejszej kopii zapasowej. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 439 Description = wuauclt (184) Nie można dokonać zapisu lustrzanego nagłówka pliku C:\WINDOWS\SoftwareDistribution\DataStore\Logs\edb.chk. Błąd -1808. Error - 2010-05-14 11:44:26 | Computer Name = PC | Source = ESENT | ID = 454 Description = wuauclt (184) Odzyskiwanie/przywracanie bazy danych nie powiodło się z powodu nieoczekiwanego błędu: -510. Error - 2010-05-18 05:23:04 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/18 11:23:04.089]: [00000948]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-24 05:51:27 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/24 11:51:27.671]: [00000976]: CUsbScnDev: DeviceIoControl Illegal response Error - 2010-05-26 05:48:27 | Computer Name = PC | Source = Brother BrLog | ID = 1001 Description = STI BrtSTI: [2010/05/26 11:48:27.015]: [00000976]: CUsbScnDev: DeviceIoControl Illegal response [ System Events ] Error - 2010-09-03 03:42:37 | Computer Name = PC | Source = SRService | ID = 104 Description = Proces inicjalizacji Przywracania systemu nie powiódł się. Error - 2010-09-03 03:42:40 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Usługa przywracania systemu zakończyła działanie; wystąpił następujący błąd: %%2 Error - 2010-09-03 03:42:40 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-03 07:14:33 | Computer Name = PC | Source = SRService | ID = 104 Description = Proces inicjalizacji Przywracania systemu nie powiódł się. Error - 2010-09-03 07:14:38 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Usługa przywracania systemu zakończyła działanie; wystąpił następujący błąd: %%2 Error - 2010-09-03 07:14:38 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-03 07:29:14 | Computer Name = PC | Source = SRService | ID = 104 Description = Proces inicjalizacji Przywracania systemu nie powiódł się. Error - 2010-09-03 07:29:15 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Usługa przywracania systemu zakończyła działanie; wystąpił następujący błąd: %%2 Error - 2010-09-03 07:29:15 | Computer Name = PC | Source = Service Control Manager | ID = 7023 Description = Usługa Publikowanie w sieci World Wide Web zakończyła działanie; wystąpił następujący błąd: %%87 Error - 2010-09-03 07:30:37 | Computer Name = PC | Source = Service Control Manager | ID = 7034 Description = Usługa Java Quick Starter niespodziewanie zakończyła pracę. Wystąpiło to razy: 1. < End of report >

**Posty:** 584 · przez **Andziorka** 03 Wrz 2010, 14:48

Procesor C2D E4500.Boxowe chlodzenie bez zadnych zabaw w OC i inne duperela. Rano np juz poprawnie temperature pokazuje 45*.. Chociarz nonstop rosnie mimo tego ze nic nie robie.

Często czujniki się po prostu psują, może to być właśnie przyczyną problemów z dziwną temperaturą.

Do jakiego poziomu zwiększyć miejsce na dyskach?

Tu nie ma reguły, po prostu zrób nieco więcej miejsca.

**Posty:** 720 · przez **Devilek** 03 Wrz 2010, 19:49

Komputer postal caly dzien i temperatura jest teraz OK... chyba czujnik mial lekkiego focha i musial sie uspokoic...

A co wolnego miejsca cos mi sie tam udalo poczarowac. Ale dalej z deka muli..

Kto jest na forum